General

  • Target

    91b6799084aa7843818b529a9f59c7d7c23c2b754bf4b654b1d048a37189fba9

  • Size

    2.6MB

  • Sample

    241110-awgaqaykgk

  • MD5

    8a5e86071c0bd76f09e99a2891ecde1b

  • SHA1

    80b187594b0fd04d81d34ccf70622a0b0283def6

  • SHA256

    91b6799084aa7843818b529a9f59c7d7c23c2b754bf4b654b1d048a37189fba9

  • SHA512

    7065e23bc598c2a1288d0af1558be6f97266e98c6f8e1dff29a11733d45a9000e13ff4018d48ac15f807fb2c62f60d160db36077232f7025dc6c35dd13bc9b57

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBjB/bS:sxX7QnxrloE5dpUpob

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks